Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 513

What must be configured on Cisco Secure Endpoint to create a custom detection file list to detect and quarantine future files?

Answer options

• A. Create an advanced custom detection and upload the hash of each file.
• B. Add a network IP block allowed list to the configuration and add the blocked files.
• C. Use the simple custom detection feature and add each detection to the list.
• D. Configure an application control allowed applications list to block the files.

Correct answer: C

Explanation

The correct answer, C, is right because the simple custom detection feature specifically allows users to add detections to a list efficiently. Option A involves advanced detection which is not required for creating a simple list, while B and D pertain to network and application control settings that do not address file detection and quarantine.